gstreamer1-plugins-base-1.16.1-4.el8_10
エラータID: AXSA:2024-9007:03
リリース日:
2024/11/14 Thursday - 22:09
題名:
gstreamer1-plugins-base-1.16.1-4.el8_10
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- GStreamer の EXIF 形式のメタデータの解析処理には、検証処理
の不足に起因した整数オーバーフローの問題があるため、ローカル
の攻撃者により、細工された EXIF 形式のデータの処理を介して、
任意のコードの実行を可能とする脆弱性が存在します。
(CVE-2024-4453)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-4453
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-23896.
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-23896.
追加情報:
N/A
ダウンロード:
SRPMS
- gstreamer1-plugins-base-1.16.1-4.el8_10.src.rpm
MD5: 3b584da9982963447c070ee9eebfb2ca
SHA-256: d1ebd1ef77065a7e53ea30e652db82e149cc385b6f13f280bbefdfe6d55922f0
Size: 3.78 MB
Asianux Server 8 for x86_64
- gstreamer1-plugins-base-1.16.1-4.el8_10.i686.rpm
MD5: b88aca3c0e9e97afda175994ea5fa0fb
SHA-256: d1fc9ebabaef01be0f5072126307b8ffb77c0f92c65c440b277bf908163de2ed
Size: 2.03 MB - gstreamer1-plugins-base-1.16.1-4.el8_10.x86_64.rpm
MD5: 3e9d768d1ba750440caed0c0753a0620
SHA-256: aa2542150ee4a56778d698b46eac186bacb77ce7c1d68c79fd6778c982c77564
Size: 1.95 MB - gstreamer1-plugins-base-devel-1.16.1-4.el8_10.i686.rpm
MD5: 468ee7bfd7227f29f99150202b23b90e
SHA-256: ca0fe4271f6b509db1b65cb17e026cf3d7930166462951c48cfb617a91bbf43a
Size: 420.77 kB - gstreamer1-plugins-base-devel-1.16.1-4.el8_10.x86_64.rpm
MD5: 77b0eb9bd0e724ae6a512e98c7f0ee07
SHA-256: a00521f9276f10b191f857113a87c3484298b99ca93ebbeea33fdeb4eca8d088
Size: 420.84 kB
English